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In the Claims 

Applicant has submitted a new complete claim set showing marked up claims with 
insertions indicated by underlining and deletions indicated by strikeouts and/or double 
bracketing. 

Please amend pending claims 1, 17, 33 and 34 as noted below. 



Listing of the Claims 



1 . (Currently Amended) A method of controlling usage , by a user, of network resources of 
a communications network by a user beyond a network device of the communications network 
that serves as the user's entry point to the communications network, the method comprising acts 
of: 

(A) configuring a port module of the network device with one or more packet rules 
corresponding to an identity of the user , wherein the user is using a user device that is directly 
connected to the network device ; 

(B) receiving , at the port module, a packet from a the user device used by th e user at the 
port modul e; and 

^ (C) before using any of the network resources beyond the network device, applying the 

one or more packet rules to the received packet. 

2. (Original) The method of claim 1, further comprising: 

(D) prior to act (A), authenticating the identity of the user, wherein act (A) results from 
the authentication. 



3. (Original) The method of claim 1, further comprising an act of: 

(D) repeating act (C) for all packets received at the port module until the user logs off of 
the communications network. 

4. (Original) The method of claim 1, wherein the port module is dedicated to the device of 
the user until the user logs off of the communications network. 
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5. (Original) The method of claim 1, the method further comprising: 

(D) selecting the one or more packet rules based on the identity of the user. 

6. (Original) The method of claim 5, wherein the identity of the user is associated with a 
role assigned to the user, and the role is associated with the one or more packet rules, and 
wherein act (D) comprises: 

selecting the one or more packet rules based on the role. 

7.. (Original) The method of claim 6, wherein act (A) further comprises: 
configuring the port module according to the role. 

8. (Original) The method of claim 1, wherein the method further comprises an act of: 
(D) routing the packet based on the one or more packet rules. 

9. (Original) The method of claim 1, wherein the method further comprises an act of: 
(D) preventing the packet from being transmitted onto a transmission medium of the 

communications network based on the one or more packet rules. 



10. (Original) The method of claim 1, wherein act (C) comprises: 
configuring the packet based on the one or more packet rules. 

1 1 . (Original) The method of claim 10, wherein configuring the packet comprises an act of: 
changing information included in the received packet. 

12. (Original) The method of claim 10, wherein configuring the packet comprises an act of: 
adding information to the received packet. 



13. (Original) The method of claim 1, wherein the method further comprises an act of: 

(D) controlling an amount of bandwidth on the communications network consumed by 
the user based on the one or more packet rules. 
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14. (Original) The method of claim 1 , wherein the method further comprises an act of: 
(D) controlling access to devices residing on the communications network based on the 

one or more packet rules. 

15. (Original) The method of claim 1, wherein the method further comprises an act of: 
(D) controlling access to information stored on devices residing on the communications 

network based on the one or more packet rules. 

- 16; (Original) The method of claim 1, wherein the method further comprises an act of: - 

(D) controlling access to at least a portion of an application stored on a device residing on 
the communications network based on the one or more packet rules. 

17. (Currently Amended) A network device serving as an entry point to a communications 
network for a user and operative to control usage of network resources by the user beyond the 
network device, the network device comprising: 

a port module including port configuration logic to configure the port module with one or 
more packet rules corresponding to an identity of the user , wherein the user is using a user device 
that is directly connected to the network device , the port module further including a physical port 
to receive a packet from a the user device of the us e r and rule application logic to apply the one 
or more packet rules to the received packet before using any of the network resources beyond the 
network device. 

18. (Original) The system of claim 17, further comprising: 

authentication logic to authenticate the identity of the user, wherein the configuration 
logic is operative to configure the port module in response to the authentication. 

19. (Original) The system of claim 17, wherein the rule application logic is operative to 
apply the one or more packet rules to all packets received from the device of the user at the port 
module until the user logs off of the communications network. 
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20. (Original) The system of claim 17, wherein the port module is dedicated to the device of 
the user until the user logs off of the communications network. 

21 . (Original) The system of claim 17, wherein the port configuration logic is operative to 
select the one or more packet rules based on the identity of the user. 

22. (Original) The system of claim 21, wherein the identity of the user is associated with a 
role assigned to the user, and the role is associated with the one or more packet rules, and 

- wherein the port configuration logic is operative_to select the jone or more packet rules based on 
the role. 

23. (Original) The system of claim 22, wherein the port configuration logic is operative to 
configure the port module according to the role. 

24. (Original) The system of claim 17, wherein the port module is operative to route the 
packet based on the one or more packet rules. 

25. (Original) The system of claim 17, wherein the port module is operative to prevent the 
packet from being transmitted onto a transmission medium of the communications network 
based on the one or more packet rules. 

26. (Original) The system of claim 17, wherein the rule application logic is operative to 
configure the packet based on the one or more packet rules. 

27. (Original) The system of claim 26, wherein the rule application logic is operative to 
configure the packet by changing information included in the received packet. 

28. (Original) The system of claim 26, wherein the rule application logic is operative to 
configure the packet by adding information to the received packet. 



725373-1 





Serial No.: 10/071,873 



-6- 



Art Unit: 2131 



29. (Original) The system of claim 17, wherein the port module is operative to control an 
amount of bandwidth on the communications network consumed by the user based on the one or 
more packet rules. 

30. (Original) The system of claim 17, wherein the port module is operative to control access 
to devices residing on the communications network based on the one or more packet rules. 

31. (Original) The system of claim 17, wherein the port module is operative to control access 
to information stored on devices residing on the communications network based on the one or 
more packet rules. 

32. (Original) The system of claim 17, wherein the port module is operative to control access 
to at least a portion of an application stored on a device residing on the communications network 
based on the one or more packet rules. 

33. (Currently Amended) A network device serving as an entry point to a communications 
network for a user, the network device operative to control usage of network resources beyond 
the network device by the user and comprising: 

a port module including a physical port to receive a packet from a device used by the user 
and rule application logic to apply one or more packet rules to the received packet before using 
any of the network resources beyond the network device; and 

means for configuring the port module with the one or more packet rules based on an 
identity of the use r, wherein the user device is directly connected to the network device. 

34. (Currently Amended) A computer program product, comprising: 
a computer-readable medium; and 

computer-readable signals stored on the computer-readable medium that define 
instructions that, as a result of being executed by a computer, instruct the computer to perform a 
process of controlling usage of network resources , by a user, of a communications network by-a 
user beyond a network device of the communications network that serves as the user's entry 
point to the communications network, the process comprising acts of: 
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(A) configuring a port module of the network device with one or more packet rules 
corresponding to an identity of the user , wherein the user is using a user device that is directly 
connected to the network device ; 

(B) receiving , at the port module, a packet from a the user device us e d by th e us e r at the 
port modul e; and 

(C) before using any of the network resources beyond the network device, applying the 
one or more packet rules to the received packet. 

35. (Original) A method of controlling usage of network resources of a communications 
network by a user, wherein the user has an assigned role with respect to the communications 
network, and the assigned role is associated with one or more packet rules, each packet rule 
including a condition and action to be taken if a packet received at a device satisfies the 
condition, the method comprising acts of: 

(A) receiving a packet including identification information of the user from a device of 
the user at a port module of a network device; 

(B) determining the assigned role of the user based on the identification information; and 

(C) configuring the port module with the one or more packet rules associated with the 
assigned role of the user. 

36. (Original) The method of claim 35, wherein the network device serves as an entry point 
to the communications network for the user. 

37. (Original) The method of claim 35, wherein user information about the user is stored on 
a computer-readable medium residing on the communications network, the user information 
including identification information and the assigned role of the user, and act (B) further 
comprises acts of: 

accessing the stored user information to determine if the identification information 
included therein matches the identification information included in the received packet; and 

if it is determined that the stored identification information matches the received 
identification information, determining the assigned role from the stored user information. 
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38. (Original) The method of claim 35, further comprising: 
(D) assigning the assigned role to the user. 

39. (Original) The method of claim 35, further comprising: 
(D) authenticating the identity of the user. 

40. (Original) A system for controlling usage of network resources of a communications 
network by a user, wherein the user has an assigned role with respect to the communications 
network, and the assigned role is associated with one or more.packet rules, each packet rule 
including a condition and action to be taken if a packet received at a device satisfies the 
condition, the system comprising: 

a port module including a physical port to receive a packet including identification 
information of the user from a device of the user and port configuration logic to configure the 
port module with the one or more packet rules associated with the assigned role of the user; and 

an authentication module to determine the assigned role of the user based on the 
identification information. 

41 . (Original) The system of claim 40, wherein the port module serves as an entry point to 
the communications network for the user. 

42. (Original) The system of claim 40, wherein user information about the user is stored on a 
computer-readable medium residing on the communications network, the user information 
including identification information and the assigned role of the user, and 

wherein the authentication module is operative to control accessing the stored user 
information to determine if the identification information included therein matches the 
identification information included in the received packet, and to determine the assigned role 
from the stored user information if it is determined that the stored identification information 
matches the received identification information. 
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43. (Original) The system of claim 40, further comprising: 
assigning logic to assign the assigned role to the user. 

44. (Original) The system of claim 40, the authentication module is operative to authenticate 
the identity of the user. 

45. (Original) A system for controlling usage of network resources of a communications 
network by a user, wherein the user has an assigned role with respect to the communications 

_ network, and the assigned role is associated with one or more packet rules, each packet rule 
including a condition and action to be taken if a packet received at a device satisfies the 
condition, the system comprising: 

a port module including a physical port to receive a packet including identification 
information of the user from a device of the user and port configuration logic to configure the 
port module with the one or more packet rules associated with the assigned role of the user; and 

means for determining the assigned role of the user based on the identification 
information. 

46. (Original) A computer program product, comprising: 
a computer-readable medium; and 

computer-readable signals stored on the computer-readable medium that define 
instructions that, as a result of being executed by a computer, instruct the computer to perform a 
process of controlling usage of network resources of a communications network by a user, 
wherein the user has an assigned role with respect to the communications network, and the 
assigned role is associated with one or more packet rules, each packet rule including a condition 
and action to be taken if a packet received at a device satisfies the condition, the process 
comprising acts of: 

(A) receiving a packet including identification information of the user from a device of 
the user at a port module of a network device; 

(B) determining the assigned role of the user based on the identification information; and 

(C) configuring the port module with the one or more packet rules associated with the 
assigned role of the user. 




